Merge pull request #70 from mozilla/feature/drop-farspark

Drop farspark

ansible/farspark-config.yml

@@ -1,7 +0,0 @@
----
-
-- hosts: all
-  gather_facts: false
-  become: true
-  roles:
-  - role: farspark

ansible/roles/farspark/tasks/main.yml

@@ -1,41 +0,0 @@
----
-
-- block:
-  - name: Include main vars
-    include_vars:
-      file: "{{ secrets_path }}/roles/farspark/vars/main.yml"
-
-  - name: Include environment specific vars
-    include_vars:
-      file: "{{ secrets_path }}/roles/farspark/vars/{{ env }}.yml"
-
-  - name: Install moz hab-butterfly (needed until https://github.com/habitat-sh/habitat/issues/5257 is closed)
-    shell: "hab pkg install mozillareality/hab-butterfly"
-
-  - name: Create work directory
-    tempfile:
-      state: directory
-      suffix: deploy
-    register: work_dir
-
-  - name: Write Farspark config file
-    template:
-      src: farspark.toml.j2
-      dest: "{{ work_dir.path }}/farspark.toml"
-
-  - name: Write DD agent config file
-    template:
-      src: dd-agent.toml.j2
-      dest: "{{ work_dir.path }}/dd-agent.toml"
-
-  - name: Deploy Farspark configs
-    shell: "cat {{ work_dir.path }}/farspark.toml | /hab/pkgs/mozillareality/hab-butterfly/0.39.1/20171118004554/bin/hab-butterfly config apply --peer $(curl -s http://169.254.169.254/latest/meta-data/local-ipv4) --org mozillareality --ring mr farspark.default $(date +%s)"
-
-  - name: Deploy Datadog Agent configs
-    shell: "cat {{ work_dir.path }}/dd-agent.toml | /hab/pkgs/mozillareality/hab-butterfly/0.39.1/20171118004554/bin/hab-butterfly config apply --peer $(curl -s http://169.254.169.254/latest/meta-data/local-ipv4) --org mozillareality --ring mr dd-agent.default $(date +%s)"
-
-  always:
-  - name: Remove work directory
-    file:
-      path: "{{ work_dir.path }}"
-      state: absent

ansible/roles/farspark/templates/dd-agent.toml.j2

@@ -1,5 +0,0 @@
-[general]
-api_key = "{{ dd_api_key }}"
-
-[aws]
-collect_ec2_tags = "yes"

ansible/roles/farspark/templates/farspark.toml.j2

@@ -1,15 +0,0 @@
-[signature]
-key = "{{ farspark_signature_key }}"
-salt = "{{ farspark_signature_salt }}"
-
-[security]
-allow_origins = "{{ farspark_allow_origins }}"
-
-[server]
-read_timeout = 90
-write_timeout = 90
-download_timeout = 30
-
-[misc]
-server_url = "{{ farspark_server_url }}"
-cache_size = 4294967296

ansible/roles/ret/templates/reticulum.toml.j2

@@ -53,11 +53,6 @@ alb_target_group_arn = "{{ alb_target_group_arn }}"
 smoke_alb_target_group_arn = "{{ smoke_alb_target_group_arn }}"
 {% endif %}
 
-[farspark]
-signature_key = "{{ farspark_signature_key }}"
-signature_salt = "{{ farspark_signature_salt }}"
-host = "{{ farspark_host }}"
-
 [ret]
 bot_access_key = "{{ ret_bot_access_key }}"
 

ansible/roles/ret/vars/local.yml

@@ -12,9 +12,6 @@ phoenix_allow_all_origins: "true"
 hubs_page_origin: "https://hubs.local:8080"
 spoke_page_origin: "https://hubs.local:9090"
 page_origin_insecure_ssl: "true"
-farspark_signature_key: "248cf801c4f5d6fd70c1b0dfea8dedeb57adafa7821027d546f016efef5a501bd8168c8479d33b466199d0ac68c71bb71b68c27537102a63cd70776aa83bca76"
-farspark_signature_salt: "da914bb89e332b2a815a667875584d067b698fe1f6f5c61d98384dc74d2ed85b67eea0a51325afb9d9c7d798f4bbbd630102a261e152aceb13d9469b02da6b31"
-farspark_host: 
 ret_bot_access_key: "secret"
 giphy_api_key: null
 deviantart_client_id: null

terraform/modules/farspark/main.tf

@@ -1,294 +0,0 @@
-variable "shared" { type = "map" }
-terraform { backend "s3" {} }
-provider "aws" { region = "${var.shared["region"]}", version = "~> 1.15" }
-provider "aws" { alias = "east", region = "us-east-1", version = "~> 1.15" }
-data "aws_availability_zones" "all" {}
-
-data "terraform_remote_state" "vpc" { backend = "s3", config = { key = "vpc/terraform.tfstate", bucket = "${var.shared["state_bucket"]}", region = "${var.shared["region"]}", dynamodb_table = "${var.shared["dynamodb_table"]}", encrypt = "true" } }
-data "terraform_remote_state" "base" { backend = "s3", config = { key = "base/terraform.tfstate", bucket = "${var.shared["state_bucket"]}", region = "${var.shared["region"]}", dynamodb_table = "${var.shared["dynamodb_table"]}", encrypt = "true" } }
-data "terraform_remote_state" "bastion" { backend = "s3", config = { key = "bastion/terraform.tfstate", bucket = "${var.shared["state_bucket"]}", region = "${var.shared["region"]}", dynamodb_table = "${var.shared["dynamodb_table"]}", encrypt = "true" } }
-data "terraform_remote_state" "hab" { backend = "s3", config = { key = "hab/terraform.tfstate", bucket = "${var.shared["state_bucket"]}", region = "${var.shared["region"]}", dynamodb_table = "${var.shared["dynamodb_table"]}", encrypt = "true" } }
-
-data "aws_route53_zone" "farspark-zone" {
-  name = "${var.farspark_domain}."
-}
-
-data "aws_acm_certificate" "farspark-alb-listener-cert" {
-  domain = "*.${var.farspark_domain}"
-  statuses = ["ISSUED"]
-  most_recent = true
-}
-
-data "aws_acm_certificate" "farspark-alb-listener-cert-east" {
-  provider = "aws.east"
-  domain = "*.${var.farspark_domain}"
-  statuses = ["ISSUED"]
-  most_recent = true
-}
-
-data "aws_ami" "hab-base-ami" {
-  most_recent = true
-  owners = ["self"]
-
-  filter {
-    name = "name"
-    values = ["hab-base-*"]
-  }
-}
-
-resource "aws_security_group" "farspark-alb" {
-  name = "${var.shared["env"]}-farspark-alb"
-  vpc_id = "${data.terraform_remote_state.vpc.vpc_id}"
-}
-
-resource "aws_security_group_rule" "farspark-alb-egress" {
-  type = "egress"
-  from_port = "${var.farspark_http_port}"
-  to_port = "${var.farspark_http_port}"
-  protocol = "tcp"
-  security_group_id = "${aws_security_group.farspark-alb.id}"
-  source_security_group_id = "${aws_security_group.farspark.id}"
-}
-
-resource "aws_alb" "farspark-alb" {
-  name = "${var.shared["env"]}-farspark-alb"
-
-  security_groups = [
-    "${aws_security_group.farspark-alb.id}",
-    "${data.terraform_remote_state.base.cloudfront_http_security_group_id}",
-    "${data.terraform_remote_state.base.cloudfront_https_security_group_id}"
-  ]
-
-  subnets = ["${data.terraform_remote_state.vpc.public_subnet_ids}"]
-
-  lifecycle { create_before_destroy = true }
-}
-
-resource "aws_alb_target_group" "farspark-alb-group-http" {
-  name = "${var.shared["env"]}-farspark-alb-group-http"
-  vpc_id = "${data.terraform_remote_state.vpc.vpc_id}"
-  port = "${var.farspark_http_port}"
-  protocol = "HTTP"
-  deregistration_delay = 0
-
-  health_check {
-    path = "/health"
-    healthy_threshold = 2
-    unhealthy_threshold = 2
-    interval = 10
-    timeout = 5
-  }
-}
-
-resource "aws_alb_listener" "farspark-ssl-alb-listener" {
-  load_balancer_arn = "${aws_alb.farspark-alb.arn}"
-  port = 443
-
-  protocol = "HTTPS"
-  ssl_policy = "ELBSecurityPolicy-2015-05"
-
-  certificate_arn = "${data.aws_acm_certificate.farspark-alb-listener-cert.arn}"
-
-  default_action {
-    target_group_arn = "${aws_alb_target_group.farspark-alb-group-http.arn}"
-    type = "forward"
-  }
-}
-
-resource "aws_security_group" "farspark" {
-  name = "${var.shared["env"]}-farspark"
-  vpc_id = "${data.terraform_remote_state.vpc.vpc_id}"
-
-  egress {
-    from_port = "80"
-    to_port = "80"
-    protocol = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  egress {
-    from_port = "443"
-    to_port = "443"
-    protocol = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  # Farspark HTTP
-  ingress {
-    from_port = "${var.farspark_http_port}"
-    to_port = "${var.farspark_http_port}"
-    protocol = "tcp"
-    security_groups = ["${aws_security_group.farspark-alb.id}"]
-  }
-
-  # SSH
-  ingress {
-    from_port = "22"
-    to_port = "22"
-    protocol = "tcp"
-    security_groups = ["${data.terraform_remote_state.bastion.bastion_security_group_id}"]
-  }
-
-  # NTP
-  egress {
-    from_port = "123"
-    to_port = "123"
-    protocol = "udp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-}
-
-resource "aws_iam_role" "farspark" {
-  name = "${var.shared["env"]}-farspark"
-  assume_role_policy = "${var.shared["ec2_role_policy"]}"
-}
-
-resource "aws_iam_role_policy_attachment" "bastion-base-policy" {
-  role = "${aws_iam_role.farspark.name}"
-  policy_arn = "${data.terraform_remote_state.base.base_policy_arn}"
-}
-
-resource "aws_iam_instance_profile" "farspark" {
-  name = "${var.shared["env"]}-farspark"
-  role = "${aws_iam_role.farspark.id}"
-}
-
-resource "aws_launch_configuration" "farspark" {
-  image_id = "${data.aws_ami.hab-base-ami.id}"
-  instance_type = "${var.farspark_instance_type}"
-  security_groups = [
-    "${aws_security_group.farspark.id}",
-    "${data.terraform_remote_state.hab.hab_ring_security_group_id}",
-  ]
-  key_name = "${data.terraform_remote_state.base.mr_ssh_key_id}"
-  iam_instance_profile = "${aws_iam_instance_profile.farspark.id}"
-  associate_public_ip_address = false
-  lifecycle { create_before_destroy = true }
-  root_block_device { volume_size = 64 }
-  user_data = <<EOF
-#!/usr/bin/env bash
-while ! nc -z localhost 9632 ; do sleep 1; done
-systemctl restart systemd-sysctl.service
-
-sudo /usr/bin/hab svc load mozillareality/farspark --strategy ${var.farspark_restart_strategy} --url https://bldr.habitat.sh --channel ${var.farspark_channel}
-sudo /usr/bin/hab svc load mozillareality/dd-agent --strategy at-once --url https://bldr.habitat.sh --channel stable
-EOF
-}
-
-resource "aws_autoscaling_group" "farspark" {
-  name = "${var.shared["env"]}-farspark"
-  launch_configuration = "${aws_launch_configuration.farspark.id}"
-  availability_zones = ["${data.aws_availability_zones.all.names}"]
-  vpc_zone_identifier = ["${data.terraform_remote_state.vpc.private_subnet_ids}"]
-
-  min_size = "${var.min_farspark_servers}"
-  max_size = "${var.max_farspark_servers}"
-
-  target_group_arns = ["${aws_alb_target_group.farspark-alb-group-http.arn}"]
-
-  lifecycle { create_before_destroy = true }
-  tag { key = "env", value = "${var.shared["env"]}", propagate_at_launch = true }
-  tag { key = "host-type", value = "${var.shared["env"]}-farspark", propagate_at_launch = true }
-  tag { key = "hab-ring", value = "${var.shared["env"]}", propagate_at_launch = true }
-}
-
-resource "aws_cloudfront_distribution" "farspark-cdn" {
-  enabled = true
-
-  origin {
-    origin_id = "farspark-${var.shared["env"]}"
-    domain_name = "${var.shared["env"]}-farspark-alb.${var.farspark_domain}"
-
-    custom_origin_config {
-      http_port = 80
-      https_port = 443
-      origin_ssl_protocols = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]
-      origin_protocol_policy = "https-only"
-    }
-  }
-
-  restrictions {
-    geo_restriction {
-      restriction_type = "none"
-    }
-  }
-
-  aliases = ["${var.farspark_dns_prefix}${var.farspark_domain}"]
-
-  default_cache_behavior {
-    compress = true
-    allowed_methods = ["GET", "HEAD", "OPTIONS"]
-    cached_methods = ["GET", "HEAD"]
-    target_origin_id = "farspark-${var.shared["env"]}"
-
-    forwarded_values {
-      query_string = true
-      headers = ["Origin", "Content-Type", "Range"]
-      cookies { forward = "none" }
-    }
-
-    viewer_protocol_policy = "https-only"
-  }
-
-  custom_error_response {
-    error_code = 403
-    error_caching_min_ttl = 0
-  }
-
-  custom_error_response {
-    error_code = 404
-    error_caching_min_ttl = 0
-  }
-
-  custom_error_response {
-    error_code = 500
-    error_caching_min_ttl = 0
-  }
-
-  custom_error_response {
-    error_code = 502
-    error_caching_min_ttl = 0
-  }
-
-  custom_error_response {
-    error_code = 503
-    error_caching_min_ttl = 0
-  }
-
-  custom_error_response {
-    error_code = 504
-    error_caching_min_ttl = 0
-  }
-
-  price_class = "PriceClass_All"
-
-  viewer_certificate {
-    acm_certificate_arn = "${data.aws_acm_certificate.farspark-alb-listener-cert-east.arn}"
-    ssl_support_method = "sni-only"
-    minimum_protocol_version = "TLSv1"
-  }
-}
-
-resource "aws_route53_record" "farspark-alb-dns" {
-  zone_id = "${data.aws_route53_zone.farspark-zone.zone_id}"
-  name = "${var.shared["env"]}-farspark-alb.${data.aws_route53_zone.farspark-zone.name}"
-  type = "A"
-
-  alias {
-    name = "${aws_alb.farspark-alb.dns_name}"
-    zone_id = "${aws_alb.farspark-alb.zone_id}"
-    evaluate_target_health = true
-  }
-}
-
-resource "aws_route53_record" "farspark-dns" {
-  zone_id = "${data.aws_route53_zone.farspark-zone.zone_id}"
-  name = "${var.farspark_dns_prefix}${data.aws_route53_zone.farspark-zone.name}"
-  type = "A"
-
-  alias {
-    name = "${aws_cloudfront_distribution.farspark-cdn.domain_name}"
-    zone_id = "${aws_cloudfront_distribution.farspark-cdn.hosted_zone_id}"
-    evaluate_target_health = false
-  }
-}

terraform/modules/farspark/output.tf

@@ -1,11 +0,0 @@
-output "farspark_target_group_id" {
-  value = "${aws_alb_target_group.farspark-alb-group-http.arn}"
-}
-
-output "farspark_security_group_id" {
-  value = "${aws_security_group.farspark.id}"
-}
-
-output "farspark_alb_id" {
-  value = "${aws_alb.farspark-alb.id}"
-}

terraform/modules/farspark/vars.tf

@@ -1,31 +0,0 @@
-variable "farspark_instance_type" {
-  description = "Farspark server instance type"
-}
-
-variable "farspark_dns_prefix" {
-  description = "Prefix before domain for DNS entry"
-}
-
-variable "farspark_http_port" {
-  description = "Farspark HTTP service listener port"
-}
-
-variable "min_farspark_servers" {
-  description = "Minimum number of farspark servers to run"
-}
-
-variable "max_farspark_servers" {
-  description = "Maximum number of farspark servers to run"
-}
-
-variable "farspark_domain" {
-  description = "Domain name being used for farspark server (ex reticulum.io)"
-}
-
-variable "farspark_channel" {
-  description = "Distribution channel for farspark servers"
-}
-
-variable "farspark_restart_strategy" {
-  description = "Habitat restart strategy for farspark"
-}